CS283 Lecture 3 - Part 2 - Public Key Infrastructure - 20090922

GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 03 – Part 2 - Rev 20090922

Public Key Infrastructure (PKI)
GWU CS 172/283 Autumn 2009
Contains slides from Matt Bishop’s slide set

Notation

X → Y : { Z || W } k_{X,Y}
  – X sends Y the message produced by concatenating Z and W enciphered by key k_{X,Y}, which is shared by users X and Y
A → T : { Z } k_A || { W } k_{A,T}
  – A sends T a message consisting of the concatenation of Z enciphered using k_A, A’s key, and W enciphered using k_{A,T}, the key shared by A and T
r_1, r_2
  – nonces (nonrepeating random numbers)

Session, Interchange Keys

Alice wants to send a message m to Bob
She generates a random cryptographic key k_s and uses it to encipher m
  – To be used for this message only
  – Called a session key
She enciphers k_s with Bob’s public key k_B
  – k_B enciphers all session keys Alice uses to communicate with Bob
  – Called an interchange key
Alice sends { m } k_s { k_s } k_B

Benefits

Limits amount of traffic enciphered with single key
  – Standard practice, to decrease the amount of traffic an attacker can obtain
Prevents some attacks
  – Example: Alice will send Bob message that is either “BUY” or “SELL”. Eve computes possible ciphertexts { “BUY” } k_B and { “SELL” } k_B. Eve intercepts enciphered message, compares, and gets plaintext at once
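
The “BUY”/“SELL” case above and the session/interchange key scheme from the previous slide, as an added example that is not part of the original slides. It assumes a toy interchange key (textbook RSA without padding, built from two Mersenne primes) and a toy SHA-256 keystream cipher; all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed toy interchange key for Bob: textbook RSA, no padding, built from
# two Mersenne primes. Assumption for illustration; far too small for real use.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # Bob's private exponent

def rsa_encipher(value):
    """{ value } k_B: deterministic, the same input always gives the same output."""
    return pow(value, E, N)

def rsa_decipher(value):
    return pow(value, D, N)

def toy_cipher(key, data):
    """Toy symmetric cipher (assumption): XOR with a SHA-256 counter keystream."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + bytes([i])).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def send_direct(m):
    """Alice enciphers m itself with the interchange key: { m } k_B."""
    return rsa_encipher(int.from_bytes(m, "big"))

def send_hybrid(m):
    """Alice sends { m } k_s { k_s } k_B with a fresh random session key k_s."""
    k_s = secrets.token_bytes(8)
    return toy_cipher(k_s, m), rsa_encipher(int.from_bytes(k_s, "big"))

def receive_hybrid(c_m, c_k):
    """Bob recovers k_s with his private key, then uses it to decipher m."""
    k_s = rsa_decipher(c_k).to_bytes(8, "big")
    return toy_cipher(k_s, c_m)

def guessable_plaintexts(observed, candidates):
    """Candidates whose { candidate } k_B equals an observed ciphertext."""
    return [m for m in candidates if send_direct(m) == observed]

if __name__ == "__main__":
    orders = [b"BUY", b"SELL"]
    print("direct:", guessable_plaintexts(send_direct(b"SELL"), orders))
    c_m, c_k = send_hybrid(b"SELL")
    print("hybrid:", guessable_plaintexts(c_k, orders), receive_hybrid(c_m, c_k))
```

With the session key in place, what k_B enciphers is a random value rather than one of two known words, so comparing against precomputed ciphertexts finds nothing, while Bob still recovers m.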

Classical Key Exchange (without PKI)

Bootstrap problem: how do Alice, Bob begin?
Alice can’t send key to Bob in the clear!
Assume trusted third party, Cathy
  – Alice and Cathy share secret key k_A
  – Bob and Cathy share secret key k_B
Use this to exchange shared key k_s

Simple Protocol

Alice → Cathy : { request for shared key with Bob } k_A
Alice ← Cathy : { k_s } k_A || { k_s } k_B
Alice → Bob : { k_s } k_B

Problems

How does Bob know he is talking to Alice?
  – Replay attack: Eve records message from Alice to Bob, later replays it; Bob may think he’s talking to Alice, but he isn’t
  – Session key reuse: Eve replays message from Alice to Bob, so Bob re-uses session key
Protocols must provide authentication and defense against replay, these are problems even when cryptography used is asymmetric
Numerous solutions, we will consider ones based on the PKI

Public Key Key Exchange

This document was uploaded on 12/05/2009.
